Lucene search
HistorySep 08, 2009 - 11:30 p.m.
CVE-2009-3108
symantec
altiris
deployment solution
aclient gui
security
vulnerability
cve-2009-3108
6.7 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions (Everyone:Full Control), which allows local users to gain privileges by replacing the executable with a Trojan horse program.
Related
cvelist
cvelist
CVE-2009-3108
2009-09-08 23:00:00
prion
prion
Code injection
2009-09-08 23:30:00
nessus
nessus
symantec
symantec
Symantec Altiris Deployment Solution Multiple Vulnerabilities
2009-08-26 08:00:00
6.7 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
Related for CVE-2009-3108